Patents by Inventor Craig D. Schmugar
Craig D. Schmugar has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11941119Abstract: Particular embodiments described herein provide for an electronic device that can be configured to allow for the mitigation of ransomware. For example, the system can determine that an application begins to execute, determine that the application attempts to modify a file, determine a file type for the file, and create a security event if the application is not authorized to modify the file type. In another example, the system determines an entropy value between the file and the attempted modification of the file, and create a security event if the entropy value satisfies a threshold or determine a system entropy value that includes a rate at which other files on the system are being modified by the application, and create a security event if the system entropy value satisfies a threshold.Type: GrantFiled: October 6, 2020Date of Patent: March 26, 2024Assignee: McAfee, LLCInventors: Craig D. Schmugar, Cedric Cochin, Andrew Furtak, Adam James Carrivick, Yury Bulygin, John J. Loucaides, Oleksander Bazhaniuk, Christiaan Beek, Carl D. Woodward, Ronald Gallella, Gregory Michael Heitzmann, Joel R. Spurlock
-
Publication number: 20210019411Abstract: Particular embodiments described herein provide for an electronic device that can be configured to allow for the mitigation of ransomware. For example, the system can determine that an application begins to execute, determine that the application attempts to modify a file, determine a file type for the file, and create a security event if the application is not authorized to modify the file type. In another example, the system determines an entropy value between the file and the attempted modification of the file, and create a security event if the entropy value satisfies a threshold or determine a system entropy value that includes a rate at which other files on the system are being modified by the application, and create a security event if the system entropy value satisfies a threshold.Type: ApplicationFiled: October 6, 2020Publication date: January 21, 2021Applicant: McAfee, LLCInventors: Craig D. Schmugar, Cedric Cochin, Andrew Furtak, Adam James Carrivick, Yury Bulygin, John J. Loucaides, Oleksander Bazhaniuk, Christiaan Beek, Carl D. Woodward, Ronald Gallella, Gregory Michael Heitzmann, Joel R. Spurlock
-
Patent number: 10831893Abstract: Particular embodiments described herein provide for an electronic device that can be configured to allow for the mitigation of ransomware. For example, the system can determine that an application begins to execute, determine that the application attempts to modify a file, determine a file type for the file, and create a security event if the application is not authorized to modify the file type. In another example, the system determines an entropy value between the file and the attempted modification of the file, and create a security event if the entropy value satisfies a threshold or determine a system entropy value that includes a rate at which other files on the system are being modified by the application, and create a security event if the system entropy value satisfies a threshold.Type: GrantFiled: July 14, 2016Date of Patent: November 10, 2020Assignee: McAfee, LLCInventors: Craig D. Schmugar, Cedric Cochin, Andrew Furtak, Adam James Carrivick, Yury Bulygin, John J. Loucaides, Oleksander Bazhaniuk, Christiaan Beek, Carl D. Woodward, Ronald Gallella, Gregory Michael Heitzmann, Joel R. Spurlock
-
Patent number: 10423782Abstract: There is disclosed in one example a computing apparatus, including: an interface to a backup source in a current state; a backup storage having stored thereon a first backup version of a previous state of the source; and a backup engine to: compute a delta between the current state and the previous state; save via the backup storage a second backup version sufficient to reconstruct the current state; and assign the second backup version a reputation relative to one or more previous backup versions.Type: GrantFiled: December 19, 2016Date of Patent: September 24, 2019Assignee: McAfee, LLCInventors: Igor G. Muttik, Simon Hunt, Cedric Cochin, Craig D. Schmugar, Robert Leong, Christiaan Beek, Yury Bulygin
-
Publication number: 20180173874Abstract: There is disclosed in one example a computing apparatus, including: an interface to a backup source in a current state; a backup storage having stored thereon a first backup version of a previous state of the source; and a backup engine to: compute a delta between the current state and the previous state; save via the backup storage a second backup version sufficient to reconstruct the current state; and assign the second backup version a reputation relative to one or more previous backup versions.Type: ApplicationFiled: December 19, 2016Publication date: June 21, 2018Applicant: McAfee, LLCInventors: Igor G. Muttik, Simon Hunt, Cedric Cochin, Craig D. Schmugar, Robert Leong, Christiaan Beek, Yury Bulygin
-
Publication number: 20180018458Abstract: Particular embodiments described herein provide for an electronic device that can be configured to allow for the mitigation of ransomware. For example, the system can determine that an application begins to execute, determine that the application attempts to modify a file, determine a file type for the file, and create a security event if the application is not authorized to modify the file type. In another example, the system determines an entropy value between the file and the attempted modification of the file, and create a security event if the entropy value satisfies a threshold or determine a system entropy value that includes a rate at which other files on the system are being modified by the application, and create a security event if the system entropy value satisfies a threshold.Type: ApplicationFiled: July 14, 2016Publication date: January 18, 2018Applicant: McAfee, Inc.Inventors: Craig D. Schmugar, Cedric Cochin, Andrew Furtak, Adam James Carrivick, Yury Bulygin, John J. Loucaides, Oleksander Bazhaniuk, Christiaan Beek, Carl D. Woodward, Ronald Gallella, Gregory Michael Heitzmann, Joel R. Spurlock
-
Publication number: 20170255776Abstract: Particular embodiments described herein provide for an electronic device that can be configured to determine a string sample of data, determine a hash of the string sample of data, automatically cluster the hash with other hashes from other string samples of data, and automatically create a signature hash string for the string sample of data.Type: ApplicationFiled: May 22, 2017Publication date: September 7, 2017Applicant: McAfee, Inc.Inventors: Zheng Zhang, Craig D. Schmugar
-
Patent number: 9723006Abstract: There is disclosed in an example a computing apparatus, including: a process deprivilging engine operable for: recognizing that a process has an undetermined reputation; intercepting a first access request directed to a first resource; determining that the first resource is not owned by the process; and at least partially blocking access to the first resource. There is further disclosed a method of providing the process deprivileging engine, and one or more computer-readable mediums having stored thereon executable instructions for providing the process deprivileging engine.Type: GrantFiled: June 27, 2015Date of Patent: August 1, 2017Assignee: McAfee, Inc.Inventors: Zheng Zhang, John D. Teddy, Craig D. Schmugar, Erdem Aktas, Clint R. Merrill, Kunal Mehta
-
Patent number: 9665716Abstract: Particular embodiments described herein provide for an electronic device that can be configured to determine a string sample of data, determine a hash of the string sample of data, automatically cluster the hash with other hashes from other string samples of data, and automatically create a signature hash string for the string sample of data.Type: GrantFiled: December 23, 2014Date of Patent: May 30, 2017Assignee: McAfee, Inc.Inventors: Zheng Zhang, Craig D. Schmugar
-
Publication number: 20170061164Abstract: In an example, there is disclosed a system and method for a two-device scrambled display. A first device displays content in a scrambled form. A second device acts as an interpreter, including an input driver for receiving a scrambled input; an output driver for displaying an organically perceptible output; and one or more logic elements comprising a unscrambling engine operable for: receiving an input on the input driver; detecting that at least a portion of the input is scrambled; unscrambling the scrambled portion of the input; and outputting an unscrambled analog of the scrambled input via the output driver.Type: ApplicationFiled: June 27, 2015Publication date: March 2, 2017Applicant: McAfee, Inc.Inventors: Craig D. Schmugar, Clint R. Merrill, Erdem Aktas, James Bean, Cedric Cochin, John D. Teddy
-
Publication number: 20160381024Abstract: There is disclosed in an example a computing apparatus, including: a process deprivilging engine operable for: recognizing that a process has an undetermined reputation; intercepting a first access request directed to a first resource;determining that the first resource is not owned by the process; and at least partially blocking access to the first resource. There is further disclosed a method of providing the process deprivileging engine, and one or more computer-readable mediums having stored thereon executable instructions for providing the process deprivileging engine.Type: ApplicationFiled: June 27, 2015Publication date: December 29, 2016Inventors: Zheng Zhang, John D. Teddy, Craig D. Schmugar, Erdem Aktas, Clint R. Merrill, Kunal Mehta
-
Publication number: 20160180088Abstract: Particular embodiments described herein provide for an electronic device that can be configured to determine a string sample of data, determine a hash of the string sample of data, automatically cluster the hash with other hashes from other string samples of data, and automatically create a signature hash string for the string sample of data.Type: ApplicationFiled: December 23, 2014Publication date: June 23, 2016Inventors: Zheng Zhang, Craig D. Schmugar
-
Publication number: 20160180087Abstract: Provided in some embodiments are systems and methods for remediating malware. Embodiments include receiving (from a process) a request to access data, determining that the process is an unknown process, providing the process with access to one or more data tokens in response to determining that the process is an unknown process, determining whether the process is engaging in suspicious activity with the one or more data tokens, and inhibiting execution of the process in response to determining that the process is engaging in suspicious activity with the one or more data tokens.Type: ApplicationFiled: December 23, 2014Publication date: June 23, 2016Inventors: Jonathan L. Edwards, Joel R. Spurlock, Aditya Kapoor, James Bean, Cedric Cochin, Craig D. Schmugar
-
Publication number: 20160117497Abstract: Computing platform security methods and apparatus are disclosed. An example apparatus includes a security application to configure a security task, the security task to detect a malicious element on a computing platform, the computing platform including a central processing unit and a graphics processing unit; and an offloader to determine whether the central processing unit or the graphics processing unit is to execute the security task; and when the graphics processing unit is to execute the security task, offload the security task to the graphics processing unit for execution.Type: ApplicationFiled: October 25, 2014Publication date: April 28, 2016Inventors: Paritosh Saxena, Adrian M.M.T. Dunbar, Michael S. Hughes, John Teddy, David Michael Durham, Balaji Vembu, Prashant Dewan, Debra Cablao, Nicholas D. Triantafillou, Craig D. Schmugar, Jason M. Surprise
-
Publication number: 20160117498Abstract: Computing platform security methods and apparatus are disclosed. An example apparatus includes a security application to configure a security task, the security task to detect a malicious element on a computing platform, the computing platform including a central processing unit and a graphics processing unit; and an offloader to determine whether the central processing unit or the graphics processing unit is to execute the security task; and when the graphics processing unit is to execute the security task, offload the security task to the graphics processing unit for execution.Type: ApplicationFiled: October 25, 2014Publication date: April 28, 2016Inventors: Paritosh Saxena, Adrian M.M.T. Dunbar, Michael S. Hughes, John Teddy, David Michael Durham, Balaji Vembu, Prashant Dewan, Debra Cablao, Nicholas D. Triantafillou, Craig D. Schmugar, Jason M. Surprise
-
Patent number: 8392994Abstract: A system, method and computer program product are provided for detecting unwanted data. A scan for unwanted data is performed to generate results of the scan. A context of the scan is then identified. Further, the presence of unwanted data is conditionally indicated based on both the results of the scan and the context of the scan.Type: GrantFiled: March 28, 2011Date of Patent: March 5, 2013Assignee: McAfee, Inc.Inventors: Joel Robert Spurlock, Craig D. Schmugar, Fraser Peter Howard
-
Publication number: 20110179491Abstract: A system, method and computer program product are provided for detecting unwanted data. A scan for unwanted data is performed to generate results of the scan. A context of the scan is then identified. Further, the presence of unwanted data is conditionally indicated based on both the results of the scan and the context of the scan.Type: ApplicationFiled: March 28, 2011Publication date: July 21, 2011Inventors: Joel Robert Spurlock, Craig D. Schmugar, Fraser Peter Howard
-
Patent number: 7917955Abstract: A system, method and computer program product are provided for detecting unwanted data. A scan for unwanted data is performed to generate results of the scan. A context of the scan is then identified. Further, the presence of unwanted data is conditionally indicated based on both the results of the scan and the context of the scan.Type: GrantFiled: January 14, 2005Date of Patent: March 29, 2011Assignee: McAfee, Inc.Inventors: Joel Robert Spurlock, Craig D. Schmugar, Fraser Peter Howard
-
Patent number: 6785820Abstract: A system, method and computer program product are provided for updating security software on a client. Initially, a parameter indicating a difference between a security update file and a previous security update file is identified. Next, a security program is conditionally updated with the security update file based on the parameter.Type: GrantFiled: April 2, 2002Date of Patent: August 31, 2004Assignee: Networks Associates Technology, Inc.Inventors: Igor G. Muttik, Vincent P. Gulletten, Craig D. Schmugar